Intel + McAfee: Crazy, or Crazy Like a Fox?

Intel + McAfee: Crazy, or Crazy Like a Fox?

When Intel revealed late last week that it was purchasing security software firm McAfee for a staggering $7.86 billion, the announcement was received with a collective "huh??" from industry insiders. Intel, the world's dominant chipmaker, and a company still embroiled in the kinds of antitrust issues that Microsoft left behind it years ago, seemingly has little in common with McAfee, which has fed, leech-like, on real and imagined PC security problems for decades. What kind of synergy could these two companies possibly offer?

The answer, amazingly, could make sense. I've argued for years that security isn't an application or service that PC users should buy, but that it is rather a feature of the software systems we use, and should thus be included, for free, with those systems. I've made this argument in terms of Windows, generally, because Windows is the dominant software platform on both the client and the server.

The thing is, the world is changing. Sure, PC makers will sell more PCs this year than last, and more again in 2011. But increasingly, users from around the globe are accessing computing resources on the go, using smart phones and other mobile devices. And while this may seem strange to someone who grew up in a connected, first-world country, for a growing generation of users, those mobile devices are, in fact, the only form computing they'll ever know.

Point being that the discussion around security and other safety protections needs to extend beyond the software OS that is currently found on the dominant computing platform. And that's exactly the bet that Intel is making, that it isn't only PCs that need to be protected, but also the aforementioned smart phones and mobile devices, TVs, cars, medical devices, and much, much more. As our planet becomes ever more connected, our need for integrated protection from electronic threats becomes ever more important.

My initial reaction to the McAfee purchase was one of shock, but the more I think about this ongoing industry direction, the more I start to see the sense in Intel's move, and the opportunity it represents. And rather than make snide jokes about annual McAfee security subscriptions for toasters and DVD players--an all-too real possibility, sadly--I'm trying to envision a future where Intel instead sells its integrated microprocessor and chipset systems based, in part, on their integrated security functionality. In other words, Intel will, hopefully, simply include McAfee-based protections in its products and use them as one of many selling points versus the competition.

This is, of course, a thrilling proposition. And if we limit this discussion solely to the PC desktop for a moment, even the possibilities there are interesting. Rather than today's situation, where consumers and businesses are expected to purchase expensive security software subscriptions, PCs should simply ship with low-level, hardware-based security features that are, in turn, leveraged by Windows and other software systems.

But wait, you say: Didn't Microsoft, Intel and others already try something like this with the Palladium technologies that became Next-Generation Secure Computing Base (NGSCB) and then were significantly detuned only to appear in more limited form as BitLocker and the Trusted Platform Module? Why yes, they did.

And while I feel somewhat lonely in this belief, it was a good idea then and it's an even better idea now because the security protections can be so much more wide-reaching. Indeed, coupled with the integrated security protections in non-PC devices, we could indeed finally be heading towards a future that is both more connected and more secure.

When the Intel/McAfee announcement came last week, I jokingly opined that Intel should do the world a favor and simply put down McAfee, saving us all from bloated and unnecessary software suites. But maybe that's exactly what Intel will do: Integrate the underlying McAfee technologies into its hardware products, and provide OS and software application makers like Microsoft with the hooks they need to take advantage of the new features. Then, over time, we won't need additional security software on PCs, and, in the future, on other connected devices.

This is an idealistic view, of course. But that doesn't mean it's not possible, or that it won't happen. And if it does, Intel's purchase of McAfee won't seem crazy at all. Indeed, it may be seen as an important turning point for the industry at large. Cross your fingers.

An edited version of this article appeared in the August 24, 2010 issue of Windows IT Pro UPDATE. --Paul